CVE-2021-38380 - log back

CVE-2021-38380 edited at 10 Aug 2021 19:29:33
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ live-media before version2021.08.04 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a denial of service attack.
References
+ http://lists.live555.com/pipermail/live-devel/2021-August/021954.html
+ http://www.live555.com/liveMedia/public/changelog.txt
Notes
CVE-2021-38380 created at 10 Aug 2021 19:27:53